MiracleLinux 8 : go-toolset:rhel8 (AXSA:2022-3736:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3736:01 advisory. golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: net/http: improper sanitization of Transfer-Encoding header...

MiracleLinux 9 : golang-1.17.12-1.el9, go-toolset-1.17.12-1.el9 (AXSA:2022-4035:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4035:01 advisory. golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: net/http: improper sanitization of Transfer-Encoding header...

MiracleLinux 8 : grafana-pcp-3.2.0-2.el8 (AXSA:2022-4370:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4370:02 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: io/fs: stack exhaustion in Glob CVE-2022-30630 golang:...

CVE-2025-30631

creationtimestamp| type| source ---|---|--- 2026-01-06 22:03:41+00:00| published-proof-of-concept| Telegram/SbENG35ygL93WUNW3oxjVbNr-2bylmdOILaE4ByaVRwe60 2026-01-07 08:32:17+00:00| seen| https://gist.github.com/Darkcrai86/b42b905fccf999dd1693ed1bb704bf71...

CVE-2025-30631 Reflected Cross Site Scripting (XSS) vulnerability in AA-Team WordPress plugins

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Sales Funnel Builder, AA-Team Amazon Affiliates Addon for WPBakery Page Builder formerly Visual Composer allows Reflected XSS.This issue affects Woocommerce Sales Funnel Builder...

Linux Distros Unpatched Vulnerability : CVE-2023-30631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't...

WordPress Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) <= 1.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Amazon Affiliates Addon for WPBakery Page Builder formerly Visual Composer versions = 1.2...

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to uncontrolled recursion in golang (CVE-2022-30631)

Summary Golang is used by IBM Storage Fusion Data Foundation in mcg and cephcsi. as part of the operator. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-30631. Vulnerability Details CVEID:CVE-2022-30631 DESCRIPTION: Golang G...

Linux Distros Unpatched Vulnerability : CVE-2022-30631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archiv...

RHEL 9 : runc (RHSA-2024:2180)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2180 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes:...

Moderate: runc security update

The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes: golang: io/fs: stack exhaustion in Glob CVE-2022-30630 golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: path/filepath: stack...

RHEL 7 / 8 : OpenShift Virtualization 4.12.0 RPMs (RHSA-2023:0407)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0407 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.This advisory contains...

RHEL 8 : Red Hat Application Interconnect 1.0 Release (rpms) (Important) (RHSA-2022:6113)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6113 advisory. This release addresses several security issues in the underlying golang compiler by moving to golang version 1.17.12. Security Fixes:...

RHEL 8 / 9 : OpenShift Container Platform 4.12.3 (RHSA-2023:0727)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0727 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

RHEL 8 : Release of OpenShift Serverless Client kn 1.24.0 (Important) (RHSA-2022:6042)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6042 advisory. Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered a...

CentOS 9 : toolbox-0.0.99.3-7.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the toolbox-0.0.99.3-7.el9 build changelog. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP...

Rocky Linux 9 : grafana-pcp (RLSA-2022:8250)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8250 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if...

Rocky Linux 8 : grafana-pcp (RLSA-2022:7648)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7648 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if...

BELL-CVE-2022-30631 CVE-2022-30631 does not affect BellSoft software

Bulletin has no description...

Debian: Security Advisory (DLA-3475-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...